Developer Access
Sign in to the portal
Use GitHub or your email and password to manage apps, keys, members, and billing plans.
Hosted sign-in
without the auth stack.
Aelith Auth turns a wallet or account login into a verified JWT with the developer experience of a hosted auth product and the trust boundary of public-key verification. Redirect in, token out, verify anywhere.
< 10 min
to first verified login
1 redirect
from hosted login to JWT
0 secrets
shared with your backend
Live auth sequence
Redirect. Authenticate. Verify.
Register the surface
Portal setup
Create an app in the portal, copy the API key, and lock down the exact redirect URIs that are allowed to receive tokens.
Redirect for login
Runtime
Send the user to auth.aelith.ai/login with app_id and redirect_uri. Hosted apps can use wallet connect, then return to your app with a token.
Verify the token
Runtime
Your app receives a JWT back on the redirect and verifies it through the hosted endpoint or directly against the public JWKS.
const token = req.nextUrl.searchParams.get('token')
const res = await fetch('https://auth.aelith.ai/api/verify', {
method: 'POST',
headers: { 'x-api-key': process.env.AELITH_API_KEY! },
body: JSON.stringify({ token }),
})
const { valid, userId, email } = await res.json()What you are buying
A product surface, not a bag of auth primitives.
The landing promise is simple: your team should not need to invent login UX, session issuance, JWT signing, and redirect safety from scratch to ship one trustworthy sign-in path.
Developer portal
Own the app registry
App IDs, API keys, redirect rules, and lifecycle controls live in one place instead of in env var folklore.
Auth surface
Ship a familiar redirect flow
Users hit a dedicated auth property, connect a wallet for app auth or use portal account login, and return with a token ready to verify.
Verification layer
Trust what your server can prove
Verification works through the hosted endpoint or locally with the public JWKS, so you can choose speed or control.
Integration
Verify the token where your product already lives.
The fastest path is a hosted verification call with your API key. If your architecture prefers local verification, the public JWKS is already there.
Public verification material
GET https://auth.aelith.ai/.well-known/jwks.jsonCached, public, and ready for any standard JWT library that understands remote JWK sets.
// Server-side token verification (any language/framework)
const res = await fetch('https://auth.aelith.ai/api/verify', {
method: 'POST',
headers: {
'x-api-key': process.env.AELITH_API_KEY!,
'Content-Type': 'application/json',
},
body: JSON.stringify({ token }),
})
const { valid, userId, email } = await res.json()
if (!valid) {
return Response.json({ error: 'Unauthorized' }, { status: 401 })
}
// userId → your user's stable ID (cuid)
// email → user email when availableSecurity rails
Built to remove sharp edges, not hide them.
Hosted auth first
Wallet connect is built in for hosted app auth, while GitHub plus email and password stay available for portal access.
Asymmetric by default
Tokens are signed with RS256 and exposed through JWKS, so your backend verifies with a public key instead of a shared secret.
Stable user identity
Each verified account maps to a persistent userId, so reconnects, provider changes, and product upgrades do not fork identity across your app.
Redirects locked down
Unknown redirect destinations are rejected before login completes, which closes the most common hosted-auth redirect footgun.
Hosted or local verify
Use the hosted verification endpoint for the fastest path or keep verification inside your own service with the public JWKS.
Built for product teams
The portal keeps keys, app metadata, and redirect rules in one place so auth changes are operational instead of handwritten.
Start shipping
Give your app a real sign-in path this week.
Register the app, copy the key, wire the redirect, and verify the token. That is the whole product loop.